Adobe Acrobat Reader vulnerabilities
1,107 known vulnerabilities affecting adobe/acrobat_reader.
Total CVEs
1,107
CISA KEV
21
actively exploited
Public exploits
43
Exploited in wild
25
Severity breakdown
CRITICAL352HIGH412MEDIUM316LOW27
Vulnerabilities
Page 7 of 56
CVE-2022-34224HIGHCVSS 7.8≥ 20.001.30005, ≤ 20.005.30334≥ 20.001.30005, ≤ 20.005.30331+3 more2023-09-11
CVE-2022-34224 [HIGH] CWE-416 CVE-2022-34224: Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.3022
Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2019-16470HIGHCVSS 7.8≤ 2019.021.200562023-09-11
CVE-2019-16470 [HIGH] CWE-121 CVE-2019-16470: Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overfl
Adobe Acrobat Reader versions 2019.021.20056 and earlier are affected by a Stack-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2019-7819MEDIUMCVSS 5.5≤ 2019.010.200982023-09-11
CVE-2019-7819 [MEDIUM] CWE-125 CVE-2019-7819: Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulne
Adobe Acrobat Reader versions 2019.010.20098 and earlier are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2022-34238MEDIUMCVSS 5.5≥ 20.001.30005, ≤ 20.005.30334≥ 20.001.30005, ≤ 20.005.30331+3 more2023-09-11
CVE-2022-34238 [MEDIUM] CWE-125 CVE-2022-34238: Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and
Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 20.005.30334 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in
cvelistv5nvd
CVE-2021-40723MEDIUMCVSS 5.5fixed in 17.011.30190≥ 20.0, < 20.001.30020+1 more2023-09-07
CVE-2021-40723 [MEDIUM] CWE-125 CVE-2021-40723: Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires us
cvelistv5nvd
CVE-2021-35980HIGHCVSS 7.8≥ 17.011.30180, < 17.011.30199≥ 20.001.30005, < 20.004.30006+1 more2023-09-06
CVE-2021-35980 [HIGH] CWE-22 CVE-2021-35980: Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.3
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction
cvelistv5nvd
CVE-2021-28644HIGHCVSS 7.8≥ 17.011.30180, < 17.011.30199≥ 20.001.30005, < 20.004.30006+1 more2023-09-06
CVE-2021-28644 [HIGH] CWE-22 CVE-2021-28644: Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.3
Acrobat Reader DC versions 2021.005.20054 (and earlier), 2020.004.30005 (and earlier) and 2017.011.30197 (and earlier) are affected by a Path traversal vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction
cvelistv5nvd
CVE-2021-21088HIGHCVSS 7.8≥ 17.011.30180, < 17.011.30190≥ 20.001.30005, < 20.001.30020+1 more2023-09-06
CVE-2021-21088 [HIGH] CWE-416 CVE-2021-21088: Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2
Acrobat Reader DC versions versions 2020.013.20074 (and earlier), 2020.001.30018 (and earlier) and 2017.011.30188 (and earlier) are affected by a Use After Free vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user in
cvelistv5nvd
CVE-2021-39859MEDIUMCVSS 5.5≥ 17.011.30180, < 17.011.30202≥ 20.001.30005, < 20.004.30015+1 more2023-09-06
CVE-2021-39859 [MEDIUM] CWE-416 CVE-2021-39859: Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.3
Acrobat Reader DC versions 2021.005.20060 (and earlier), 2020.004.30006 (and earlier) and 2017.011.30199 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction
cvelistv5nvd
CVE-2023-38226HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38226 [HIGH] CWE-824 CVE-2023-38226: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38224HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38224 [HIGH] CWE-416 CVE-2023-38224: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-29320HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-29320 [HIGH] CWE-657 CVE-2023-29320: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Violation of Secure Design Principles vulnerability that could result in arbitrary code execution in the context of the current user by bypassing the API blacklisting feature. Exploitation of this issue requires user interaction in that a victim
cvelistv5nvd
CVE-2023-38246HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38246 [HIGH] CWE-824 CVE-2023-38246: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38228HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38228 [HIGH] CWE-416 CVE-2023-38228: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38233HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38233 [HIGH] CWE-787 CVE-2023-38233: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38229HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38229 [HIGH] CWE-125 CVE-2023-38229: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38227HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38227 [HIGH] CWE-416 CVE-2023-38227: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38231HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38231 [HIGH] CWE-787 CVE-2023-38231: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38225HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38225 [HIGH] CWE-416 CVE-2023-38225: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd
CVE-2023-38222HIGHCVSS 7.8≥ 20.001.30005, < 20.005.30516.10516≥ 20.001.30005, < 20.005.30514.10514+1 more2023-08-10
CVE-2023-38222 [HIGH] CWE-416 CVE-2023-38222: Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
cvelistv5nvd